Virtual Router/ Firewall/ VPN


Configure GRE tunnel

Hi all.

 

I'm trying to configure two Vyatta virtual routers so that I can connect two internal networks. I have two hypervisors: one has IP 10.90.147.126/20 and runs VMs on 192.168.61.0/24, and the second has IP 10.90.205.148/22 and runs VMs on 192.168.71.0/24.

 

I've created two Vyatta VMs, one on each hypervisor, with two NICs each: one external and one internal. The idea is to allow the internal machines on one hypervisor to reach the internal machines on the other hypervisor.

 

My current config is as follows:

 

Vyatta on hypervisor 10.90.147.126/20. This router has IP 10.90.149.239 as external and 192.168.61.x/24 as internal.

/* Interfaces of the router on the first hypervisor: eth0 (external),
   eth1 (internal) and tun0, the GRE tunnel to the peer router. */
interfaces {
    ethernet eth0 {
        /* Address is taken from DHCP, while tun0 below uses a fixed local-ip;
           the tunnel only works while the lease keeps handing out that address. */
        address dhcp
        description Externa
        duplex auto
        hw-id 00:15:5d:93:7e:f2
        smp_affinity auto
        speed auto
    }
    ethernet eth1 {
        address dhcp
        description Interna
        duplex auto
        hw-id 00:15:5d:93:7e:f3
        smp_affinity auto
        speed auto
    }
    loopback lo {
    }
    tunnel tun0 {
        /* NOTE(review): this is the same IP as local-ip (the external address
           named in the post). A tunnel interface normally gets its own address
           from a separate point-to-point subnet shared with the peer's tun0. */
        address 10.90.149.239/20
        description "GRE tunnel to XS"
        /* NOTE(review): plain GRE provides no encryption or authentication.
           Traffic between the two internal networks crosses the 10.90.x.x
           network in clear unless the tunnel is protected, e.g. with IPsec. */
        encapsulation gre
        local-ip 10.90.149.239
        /* NOTE(review): OSPF hellos are multicast; with multicast disabled OSPF
           presumably cannot form an adjacency over this tunnel - confirm. */
        multicast disable
        remote-ip 10.90.204.198
    }
}
/* Routing on the first router: an OSPF area plus one static route. */
protocols {
    ospf {
        area 0 {
            /* Both internal /24s are listed, but no tunnel subnet is.
               NOTE(review): per the post 192.168.71.0/24 is the remote network,
               so OSPF presumably has no interface facing the peer - confirm. */
            network 192.168.61.0/24
            network 192.168.71.0/24
        }
    }
    static {
        /* NOTE(review): 192.168.69.0/24 matches neither network named in the
           post (192.168.61.0/24 and 192.168.71.0/24); possibly a typo. */
        route 192.168.69.0/24 {
            /* NOTE(review): the next hop is the peer's external address (the
               tunnel's remote-ip), not an address on the tunnel, so this route
               presumably does not send traffic through tun0 - confirm. */
            next-hop 10.90.204.198 {
            }
        }
    }
}
/* System settings of the first router: config history, console, default
   gateway, host name, login, NTP, package repository, syslog and time zone. */
system {
    config-management {
        commit-revisions 20
    }
    console {
        device ttyS0 {
            speed 9600
        }
    }
    gateway-address 10.90.144.1
    host-name HVRouter
    login {
        user vyatta {
            authentication {
                /* NOTE(review): the $1$ prefix marks an MD5-crypt hash. It is
                   published here together with the admin account name, so treat
                   this password as exposed: change it on the router and replace
                   the hash with a placeholder when sharing a config. */
                encrypted-password $1$4XHPj9eT$G3ww9B/pYDLSXC8YVvazP0
            }
            level admin
        }
    }
    ntp {
        server 0.vyatta.pool.ntp.org {
        }
        server 1.vyatta.pool.ntp.org {
        }
        server 2.vyatta.pool.ntp.org {
        }
    }
    package {
        auto-sync 1
        repository community {
            components main
            distribution stable
            password ""
            /* NOTE(review): the repository URL is plain http; package integrity
               then rests on the package manager's signature checking - confirm
               that it is enabled. */
            url http://packages.vyatta.com/vyatta
            username ""
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone GMT
}

Vyatta on hypervisor 10.90.205.148/22. This has external IP 10.90.204.198 and 192.168.71.x/24 internal

 

/* Interfaces of the router on the second hypervisor: eth0 (external, static
   address), eth1 (internal) and tun0, the GRE tunnel to the peer router. */
interfaces {
    ethernet eth0 {
        address 10.90.204.198/22
        description Externa
        duplex auto
        hw-id 36:80:eb:a2:0a:38
        smp_affinity auto
        speed auto
    }
    ethernet eth1 {
        address dhcp
        description Interna
        duplex auto
        hw-id 6a:90:f1:8d:a6:b5
        smp_affinity auto
        speed auto
    }
    loopback lo {
    }
    tunnel tun0 {
        /* NOTE(review): this is the same address and prefix as eth0 above.
           A tunnel interface normally gets its own address from a separate
           point-to-point subnet shared with the peer's tun0. */
        address 10.90.204.198/22
        description "GRE tunnel to HV"
        /* NOTE(review): plain GRE provides no encryption or authentication.
           Traffic between the two internal networks crosses the 10.90.x.x
           network in clear unless the tunnel is protected, e.g. with IPsec. */
        encapsulation gre
        local-ip 10.90.204.198
        /* NOTE(review): OSPF hellos are multicast; with multicast disabled OSPF
           presumably cannot form an adjacency over this tunnel - confirm. */
        multicast disable
        remote-ip 10.90.149.239
    }
}
/* Policy-based routing: rule 10 sends traffic from 192.168.71.0/24 to
   192.168.61.0/24 to routing table 1.
   NOTE(review): the config shown defines no routes for table 1 and applies
   this policy to no interface, so the rule presumably has no effect - confirm. */
policy {
    route HyperV {
        rule 10 {
            destination {
                address 192.168.61.0/24
            }
            set {
                table 1
            }
            source {
                address 192.168.71.0/24
            }
        }
    }
}
/* Routing on the second router: an OSPF area plus one static route. */
protocols {
    ospf {
        area 0 {
            /* Both internal /24s are listed, but no tunnel subnet is.
               NOTE(review): per the post 192.168.61.0/24 is the remote network,
               so OSPF presumably has no interface facing the peer - confirm. */
            network 192.168.71.0/24
            network 192.168.61.0/24
        }
    }
    static {
        route 192.168.61.0/24 {
            /* NOTE(review): the next hop is the peer's external address (the
               tunnel's remote-ip), not an address on the tunnel, so this route
               presumably does not send traffic through tun0 - confirm. */
            next-hop 10.90.149.239 {
            }
        }
    }
}
/* System settings of the second router: config history, consoles, default
   gateway, host name, login, NTP, package repository, syslog and time zone. */
system {
    config-management {
        commit-revisions 20
    }
    console {
        device hvc0 {
            speed 9600
        }
        device ttyS0 {
            speed 9600
        }
    }
    gateway-address 10.90.204.1
    host-name XSRouter
    login {
        user vyatta {
            authentication {
                /* NOTE(review): the $1$ prefix marks an MD5-crypt hash. It is
                   published here together with the admin account name, so treat
                   this password as exposed: change it on the router and replace
                   the hash with a placeholder when sharing a config. */
                encrypted-password $1$D8C.TxHU$4WPJrqzsxohyhElCyxpmC1
            }
            level admin
        }
    }
    ntp {
        server 0.vyatta.pool.ntp.org {
        }
        server 1.vyatta.pool.ntp.org {
        }
        server 2.vyatta.pool.ntp.org {
        }
    }
    package {
        auto-sync 1
        repository community {
            components main
            distribution stable
            password ""
            /* NOTE(review): the repository URL is plain http; package integrity
               then rests on the package manager's signature checking - confirm
               that it is enabled. */
            url http://packages.vyatta.com/vyatta
            username ""
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone GMT
}

 

What am I missing so that the 192.168.61.0/24 network can communicate with the 192.168.71.0/24 network and vice versa?


I also want to implement NAT on this so the machines can have internet access, so I would also like some help with that. My world is virtualization and I haven't been working with networks for long.

 

Thanks,

Mike

 
